VYPR

Array AG Series

by Array Networks

CVEs (2)

  • CVE-2023-28461KEVMar 15, 2023
    risk 0.25cvss epss 0.68

    Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable…

  • CVE-2023-24613Feb 3, 2023
    risk 0.00cvss epss 0.01

    The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this…